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[57] ABSTRACT 

Proprietary information such as programs and/or data are 
protected using a secure processing system that includes a 
memory such as an EPROM in which the proprietary 
information is stored in a first portion of the memory. The 
stored information is encrypted by an encryption algorithm 
unique to the proprietor of the information. The stored 
information is assigned an unique key that will enable the 
information to be decrypted if the unique algorithm is 
known. A second portion of the memory has the unique key 
stored therein, the unique key is encrypted with a master 
encryption algorithm and can only be obtained by using a 
master key with the master algorithm. Aprocessing unit such 
as a Digital Signal Processor (DSP) has both the proprietor's 
unique algorithm, master algorithm and master key available 
to it. The processing unit can retrieve the information from 
the memory and execute it after decrypting the unique key 
using the master algorithm and the master key and then 
decrypting the information using the unique algorithm and 
the unique key. 
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PROTECTION FOR CUSTOMER The security system may also be used for smart cards. A 

PROGRAMS (EPROM) smart card provider will have its own proprietary algorithm 

BACKGROUNT) OF THE INVENTION ^'^^ '^"^^ holder will have their own unique key 

. and algorithm such as a Personal Identification Number 

Hiis invention relates to a method of protecting informa- ^ ^pj^ ^^^^^^ ^^^^^ ^ ^gp j^^j^^ 

tion stored m a memory device such as and EPROM. ^ ^ ^^^^^^ ^^^^^ pj^ ^ ^^^(^^ 

The manufachirers of Digital Signal Processor (DSPs), ^^^^rt card has the PIN that has been encrypted by a 

as a service to their customers, will manufacture the DSP to ^ j^^^ ^.^^^^ ^ .^^ ^ 

operate with the cus omer s own proprietary programs. As a ^ ^ pg? retrieves and deciphers the encrypted 

par of that service the manufac^^^^^^ ^ ^^^^ ^^j^J'^^j 

customer s propnetary information. In some cases, the pro- . j wr l • • . j . . j • 

prietary information is stored external to the DSP in memo- the comparison is correct, then the data stored m 

ries such as EPROMs, masked ROMs, CDs and even floppy smart card is transferred and deciphered in the manner 

discs. The DSPs are mass produced and are not unique to discussed above. The card holder can then carry out the 

any particular customer. Any customer may develop a pro- desired transaction. 

gram to run on the DSP by using the DSP's unique is BRIEF DESCRIPTION OF THE FIGURES 

OP-Codes. The concern that a customer has is that, after a ^ , , . „ - , 

substantial investment in time and money developing a FIG. 1 is a schematic diagram of an encryption algonthm; 

proprietary program, a competitor or even a program pirate FIG- 2 is a block diagram of the security system according 

may obtain his program by purchasing a copy of it and a to the invention; and, 

DSP and then extracting the program. 20 FIG. 3 is a block diagram of an alternate embodiment of 

One way of protecting proprietary programs is to encrypt the invention, 

them prior to their being read. U.S. Pat. No. 4,764,959 FIGS. 4A and 4B are flow charts of the transaction, 

disclosed a single^hip microcomputer with an encryption DETAILED DESCRIPTION OF THE 

function that encrypts the contents of the memory for INVENTION 

secrecy protection when the programs stored in a Read Only 25 

Memory (ROM) are read to the outside. However, it is quite FIG- 1 is a schematic diagram of a simplified encryption 

simple to reverse engineer the ROM and determine the algorithm 10, which is provided for illustrative purposes, 

program by observing the state of each memory cell of the The encryption algorithm 10 has a pluraHty of stages 2, 4 . 

j^OM. • • The larger the value of N or the greater the number of 

Smart Card manufacturers also have developed many 30 stages the more complex the encryption algorithm. Each 

techniques for authenticating (a form of encryption) the stage has an operation such as 1 for stage 2, operation 5 for 

validity of data stored in a smart card's memory. For stage 4 and operation 9 for stage N. The operation shift the 

example, U.S. Pat. No. 5,343,530 disclosed one method. bit stored in that stage in a first direction for a defined 

number of bits or in a second direction for a defined number 

SUMMARY OF THE INVENTION depending upon the key that defines the shift direction 

Proprietary information such as programs and/or data are and magnitude of the shift. The key word controls the 

protected using a secure processing system that includes a operation including the direction and magnitude of the shift, 

memory, such as an EPROM, in which the proprietary The output of each stage is the combination of the operated 

information is stored in a first portion of the memory. The bit with the unoperated bit. Thus, adder 3 combines x with 

stored information is encrypted by an encryption algorithm 40 x', the operated bit and applies it to stage 4 where operator 

unique to the proprietor of the information. The stored 5 operates on it according to the key bit for that stage. Adder 

information is assigned an unique key that wifl enable the 7 combines x+x' with (x+x*)' which summation is applied to 

information to be decrypted if the unique algorithm is the next stage where the process is repeated. However, the 

known. A second portion of the memory has the unique key operator for each stage is under the control of a key bit. The 

stored therein. The unique key is encrypted with a master 45 final stage N after completion of the operation by operator 

encryption algorithm and can only be obtained by using a 9 and the summation by the adder 11 provides as an output 

master key with the master algorithm. A processing unit such Y which is the encryption of x by algorithm E according to 

as a Digital Signal Processor (DSP) has both the proprietor's key K or Y=E(K,x). 

unique algorithm, master algorithm and master key available FIG. 2 is a block diagram of a secure system according to 

to it. The processing unit can retrieve the information from 50 the invention in which encrypted information Y is stored in 

the memory and execute it after decrypting the unique key first section 14 of a memory 11 such as an EPROM, masked 

using the master algorithm and the master key and then ROM, Compact Disc (CD) or even a floppy disc. The 

decrypting the information using the unique algorithm and memory 11 has a second section 16 in which an encrypted 

the unique key. Key Zi is stored. In one embodiment the encrypted infor- 

The processing unit has an access port for accessing the 55 mation is a proprietary program X developed to operate a 

information stored in the memory unit. A second processing DSP 13. The encrypted program Y is encrypted by an unique 

unit, such as a personal computer, can be connected to the algorithm Ec and Key Kci known only to the proprietor of 

access port and an operator can enter the unique key. The the program and the manufacturer of the DSP 13. In general, 

second processing unit can then retrieve the encrypted the algorithm Ec is selected for speed in order for the 

information by providing the DSP with the unique key. The eo encrypted program Y to be rapidly deciphered by the DSP 

DSP will decipher the encrypted information using the 13. Therefore, its complexity will be limited. To enhance the 

proprietary algorithm and the unique key and then passes the security of the system the Key Kc is encrypted by a complex 

decrypted programs and/or data to the second processing algorithm Em known only to the manufacturer of the DSP 

unit. with a Key Km also known only to the manufacturer of the 

For security purposes, the master program is very com- 65 DSP. 

plex but the unique algorithm is less complex than the The DSP reads Zi, the encrypted Kc, from the memory II 

master algorithm. via connector 12 and deciphers it with the master decryption 
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algorithm module 21. After the Key Kc is deciphered the 
DSP reads the encrypted program Y with the customer 
decryption algorithm module 23. The program is stored in 
the on-chip program RAM 25 and the DSP execute the 
program on data provided on input 17 and provides the 
modified data as an output on bus 19. 

The program developer may want to debug the program 
so there is a debug port 27 provided. A personal computer 
PC may be connected to the debug port 27 and input the Key 
Kc to obtained a copy of the deciphered programmed. 

As an alternative the algorithm Ec may be encrypted and 
stored in the section 16 and the Key retained in the DSP 13. 
The operation would be essentially the same as described 
above. 

FIG. 3 is an alternate embodiment of the secured system 
of FIG. 2. In FIG. 3, a microprocessor (not shown) similar 
to DSP 13 is included as part of a smart card system 30. The 
memory 11 is mounted on a card 112 which is designed to 
be inserted into a slot 26. The memory has conductors 8 
which, as known in the art (such as in U.S. Pat, No. 
4,382,279 which is incorporated herein by reference) when 
placed into the slot 22 contact with contractors 32, allow a 
machine 28 such as a cash machine having a microprocessor 
mounted within it to read the memory 11. In this 
embodiment, the card holder enters his key via keypad 24. 
After verification that the entered key is the same as the 
encrypted key, the machine 28 will allow the card holder to 
conduct transactions and obtain cash via dispenser 26. 

The flow chart for executing the above transactions is 
illustrated in FIG. 4A to which reference should now be 
made. After start at block 31, the microprocessor 113 checks 
to see if a card is present in the slot 22. If present, the 
microprocessor obtains the holders PIN a block 41 via the 
keypad 24 and the port 27 of machine 28. Following the 
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15 



20 



30 



entry of the PIN, the holders Key is deciphered using the 
Master deayption algorithm module 21 at block 43. If the 
PIN does not equal the Key then at decision block 45 the NO 
line 48 is taken to the program exits at exit 47. If the PIN is 
equal to the deciphered Key then the YES line 49 is taken 
and the encrypted information stored in the memory 11 is 
deciphered by the customer decryption algorithm module 23 
ad block 51. The transaction is completed at block 53 
following which the system exits the program at block 47. 

Finally, both the memory 11 and processing unit may be 
mounted on the same card. Utilizing the teachings of this 
invention, the embodiment of U.S. Pat. No. 4^82,279 
disclosed the memory and processor on the same card, may 
be substantially improved by incorporating the security 
system disclosed herein. 

I claim: 

1. A method of protecting information, comprising: 
encrypting the information by using a first algorithm and 
a first key, 

storing the encrypted information in a first portion of a 
memory unit; 

encrypting the first key with a second algorithm and 
second key; 

storing the encrypted first key in a second portion of the 
memory unit; 

retrieving the encrypted first key with a processing unit 

having stored therein the first algorithm, the first key 

and the second algorithm; 
decrypting the first key using the second algorithm and 

the second key; and 
decrypting the information using the first algorithm and 

the first key. 
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